database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-16 06:01:02 +03:00
Code Activity

Allow XML processing instructions starting with "xml" while prohibiting

Browse Source 
those being exactly "xml".  Bug #3735 from Ben Leslie
This commit is contained in:
Peter Eisentraut
2007-11-09 15:52:51 +00:00
parent 3991c3fb2b
commit 8db43db01e
4 changed files with 53 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/backend/utils/adt/xml.c
View File

@ -7,7 +7,7 @@
* Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.53 2007/11/08 15:16:45 petere Exp $
* $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.54 2007/11/09 15:52:51 petere Exp $
*
*-------------------------------------------------------------------------
*/
@ -676,11 +676,11 @@ xmlpi(char *target, text *arg, bool arg_is_null, bool *result_is_null)
xmltype *result;
StringInfoData buf;
if (pg_strncasecmp(target, "xml", 3) == 0)
if (pg_strcasecmp(target, "xml") == 0)
ereport(ERROR,
(errcode(ERRCODE_SYNTAX_ERROR), /* really */
errmsg("invalid XML processing instruction"),
errdetail("XML processing instruction target name cannot start with \"xml\".")));
errdetail("XML processing instruction target name cannot be \"%s\".", target)));
/*
* Following the SQL standard, the null check comes after the
@ -997,6 +997,14 @@ xml_init(void)
#define SKIP_XML_SPACE(p) \
while (xmlIsBlank_ch(*(p))) (p)++
/* Letter | Digit | '.' | '-' | '_' | ':' | CombiningChar | Extender */
#define pg_xmlIsNameChar(c) \
(xmlIsBaseChar_ch(c) || xmlIsIdeographicQ(c) \
|| xmlIsDigit_ch(c) \
|| c == '.' || c == '-' || c == '_' || c == ':' \
|| xmlIsCombiningQ(c) \
|| xmlIsExtender_ch(c))
static int
parse_xml_decl(const xmlChar *str,size_t *lenp,
xmlChar **version, xmlChar **encoding, int *standalone)
@ -1004,6 +1012,7 @@ parse_xml_decl(const xmlChar *str,size_t *lenp,
const xmlChar *p;
const xmlChar *save_p;
size_t len;
int utf8len;
xml_init();
@ -1019,6 +1028,10 @@ parse_xml_decl(const xmlChar *str,size_t *lenp,
if (xmlStrncmp(p, (xmlChar *)"<?xml", 5) != 0)
goto finished;
/* This means it's a PI like <?xml-stylesheet ...?>. */
if (pg_xmlIsNameChar(xmlGetUTF8Char(&p[5], &utf8len)))
goto finished;
p += 5;
/* version */